Best practices to mitigate SQL injections on forms

Hi,

Are there any best practices when creating forms to mitigate SQL injections?

We can do a validation on text fields to make sure certain character strings are not present, but I'm not sure if that is a best practice, or whether the Appian cloud environment has application firewalls to mitigate this kind of thing from happening.

Any input is appreciated.

Thanks,

Gary

 

    Certified Lead Developer
    in reply to garym
    Hi, I agree with Mike. However, even in the curious case where an Appian Text Field accepts the injection code (I don't think so), you are still not going to face any issues, because the injection code will be treated as a normal text value, similar to any other text values such as fName, lName, etc. stored in the DB.

    So, I don't think you need to bother about this.
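
An added illustration of the two approaches discussed in this thread (not code from the posters or from Appian): a character-string denylist rejects legitimate names, while a value passed as a bound parameter is stored as an ordinary text value. It uses Python's `sqlite3` with a constructed `person` table, constructed submissions and a hypothetical denylist; that a platform binds form values this way is an assumption of the example, not something the thread states.

```python
import sqlite3

# Constructed form submissions (fName, lName); none come from the thread.
SUBMISSIONS = [
    ("Gary", "O'Brien"),                      # legitimate apostrophe
    ("Ann", "Select"),                        # legitimate surname that matches a keyword
    ("Robert'); DROP TABLE person;--", "X"),  # injection-shaped text
]

# Hypothetical denylist of the "certain character strings" kind.
DENYLIST = ("'", ";", "--", "select", "drop")


def denylist_ok(value):
    """Return True when no denylisted token appears in the value."""
    lowered = value.lower()
    return not any(token in lowered for token in DENYLIST)


def new_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE person (fName TEXT, lName TEXT)")
    return conn


def concat_breaks(fname, lname):
    """Unsafe pattern: the value is pasted into the SQL text, so it can alter the statement."""
    sql = f"INSERT INTO person (fName, lName) VALUES ('{fname}', '{lname}')"
    try:
        new_db().execute(sql)
        return False
    except sqlite3.Error:
        return True


def store_bound(submissions):
    """Safe pattern: values travel as bound parameters and are stored as plain text."""
    conn = new_db()
    conn.executemany("INSERT INTO person (fName, lName) VALUES (?, ?)", submissions)
    rows = conn.execute("SELECT fName, lName FROM person ORDER BY rowid").fetchall()
    tables = [r[0] for r in conn.execute("SELECT name FROM sqlite_master WHERE type='table'")]
    return rows, tables


if __name__ == "__main__":
    print([s for s in SUBMISSIONS if not all(map(denylist_ok, s))])
    print(concat_breaks("Gary", "O'Brien"))
    print(store_bound(SUBMISSIONS))
```

The denylist flags all three submissions, including the two legitimate ones, whereas the bound insert stores every value unchanged and the table is still present afterwards.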